Exploitdb Exploits

3,138 exploits tracked across all sources.

Sort: Activity Stars
CVE-2007-2031 EXPLOITDB c VERIFIED
3proxy 0.5-0.5.3g - Remote Code Execution via Transparent Request Buffer Overflow
Buffer overflow in the HTTP proxy service for 3proxy 0.5 to 0.5.3g, and 0.6b-devel before 20070413, might allow remote attackers to execute arbitrary code via crafted transparent requests.
by vade79
CVE-2006-2022 EXPLOITDB c VERIFIED
Fenice < 1.10 - Remote Code Execution via RTSP URL Parsing Buffer Overflow
Buffer overflow in the parse_url function in the RTSP module (rtsp/parse_url.c) in Fenice 1.10 and earlier allows remote attackers to execute arbitrary code via a long URL.
by Xpl017Elz
CVE-2007-2365 EXPLOITDB c VERIFIED
Adobe GoLive 9 - Buffer Overflow via Crafted PNG File
Buffer overflow in Adobe Photoshop CS2 and CS3, Photoshop Elements 5.0, Illustrator CS3, and GoLive 9 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
by Marsu
CVE-2007-2366 EXPLOITDB c VERIFIED
Corel Paint Shop Pro 11.20 - Buffer Overflow via Crafted PNG File
Buffer overflow in Corel Paint Shop Pro 11.20 allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file.
by Marsu
CVE-2007-2363 EXPLOITDB c VERIFIED
IrfanView < 4.00 - Buffer Overflow via Crafted IFF File
Buffer overflow in IrfanView 4.00 and earlier allows user-assisted remote attackers to execute arbitrary code via a crafted .IFF file.
by Marsu
CVE-2007-2362 EXPLOITDB c VERIFIED
MyDNS 1.1.0 - Remote Buffer Overflow in update.c
Multiple buffer overflows in MyDNS 1.1.0 allow remote attackers to (1) cause a denial of service (daemon crash) and possibly execute arbitrary code via a certain update, which triggers a heap-based buffer overflow in update.c; and (2) cause a denial of service (daemon crash) via unspecified vectors that trigger an off-by-one stack-based buffer overflow in update.c.
by mu-b
CVE-2007-2356 EXPLOITDB c VERIFIED
Gimp 2.2.14 - Stack-Based Buffer Overflow in SUNRAS Plugin via RAS File
Stack-based buffer overflow in the set_color_table function in sunras.c in the SUNRAS plugin in Gimp 2.2.14 allows user-assisted remote attackers to execute arbitrary code via a crafted RAS file.
by Marsu
CVE-2007-1861 EXPLOITDB c VERIFIED
Linux Kernel < 2.6.20.8 - Denial of Service via NETLINK_FIB_LOOKUP Replies
The nl_fib_lookup function in net/ipv4/fib_frontend.c in Linux Kernel before 2.6.20.8 allows attackers to cause a denial of service (kernel panic) via NETLINK_FIB_LOOKUP replies, which trigger infinite recursion and a stack overflow.
by Alexey Kuznetsov
CVE-2007-2283 EXPLOITDB c VERIFIED
Freshdevices Freshview - Buffer Overflow
Buffer overflow in Fresh View 7.15 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file.
by Marsu
CVE-2007-2284 EXPLOITDB c VERIFIED
ABC-View Manager 1.42 - Buffer Overflow via Crafted PSP File
Buffer overflow in ABC-View Manager 1.42 allows user-assisted remote attackers to execute arbitrary code via a crafted .PSP file.
by Marsu
CVE-2007-2244 EXPLOITDB c VERIFIED
Adobe GoLive 9 - Buffer Overflow via Crafted BMP DIB or RLE File
Multiple buffer overflows in Adobe Photoshop CS2 and CS3, Illustrator CS3, and GoLive 9 allow user-assisted remote attackers to execute arbitrary code via a crafted (1) BMP, (2) DIB, or (3) RLE file.
by Marsu
CVE-2007-2565 EXPLOITDB c VERIFIED
Cdelia Software ImageProcessing - DoS
Cdelia Software ImageProcessing allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted BMP file.
by Dr.Ninux
CVE-2005-2878 EXPLOITDB c VERIFIED
GNU Mailutils 0.6 - Authenticated Remote Code Execution via IMAP SEARCH Command Format String
Format string vulnerability in search.c in the imap4d server in GNU Mailutils 0.6 allows remote authenticated users to execute arbitrary code via format string specifiers in the SEARCH command.
by Xpl017Elz
CVE-2007-2209 EXPLOITDB c VERIFIED
AccuSoft ImageGear - Buffer Overflow via Crafted .CLP File
Buffer overflow in igcore15d.dll 15.1.2.0 and 15.2.0.0 for AccuSoft ImageGear, as used in Corel Paint Shop Pro Photo 11.20 and possibly other products, allows user-assisted remote attackers to execute arbitrary code via a crafted .CLP file. NOTE: some details were obtained from third party sources.
by Marsu
CVE-2007-2274 EXPLOITDB c VERIFIED
Opera Browser 9.2 - Denial of Service via Malformed Torrent File
The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. NOTE: the original disclosure refers to this as a memory leak, but it is not certain.
by n00b
CVE-2007-2194 EXPLOITDB c VERIFIED
XnView 1.90.3 - Stack-based Buffer Overflow via Crafted XPM File
Stack-based buffer overflow in XnView 1.90.3 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
by Marsu
CVE-2007-2193 EXPLOITDB c VERIFIED
ACDSee 9.0/Pro 8.1/Photo Editor 4.0 - Stack-Based Buffer Overflow via Crafted XPM File
Stack-based buffer overflow in the ID_X.apl plugin in ACDSee 9.0 Build 108, Pro 8.1 Build 99, and Photo Editor 4.0 Build 195 allows user-assisted remote attackers to execute arbitrary code via a crafted XPM file with a long section string. NOTE: some of these details are obtained from third party information.
by Marsu
CVE-2007-2192 EXPLOITDB c VERIFIED
Photofiltre Studio 8.1.1 - Buffer Overflow via Crafted TIFF File
Buffer overflow in Photofiltre Studio 8.1.1 allows user-assisted remote attackers to execute arbitrary code via a crafted .tif file.
by Marsu
CVE-2007-2187 EXPLOITDB c VERIFIED
eXtremail <= 2.1.1 - Remote Code Execution via Long DNS Response
Stack-based buffer overflow in eXtremail 2.1.1 and earlier allows remote attackers to execute arbitrary code via a long DNS response. NOTE: this might be related to CVE-2006-6926.
by mu-b
CVE-2007-1215 EXPLOITDB c VERIFIED
Microsoft Windows - Buffer Overflow
Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-related parameters" in crafted images.
by Lionel d'Hauenens
CVE-2007-1748 EXPLOITDB c VERIFIED
Windows 2000 Server SP4 and Server 2003 SP1/SP2 - Remote Code Execution via DNS RPC Zone Name Overflow
Stack-based buffer overflow in the RPC interface in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server SP 4, Server 2003 SP 1, and Server 2003 SP 2 allows remote attackers to execute arbitrary code via a long zone name containing character constants represented by escape sequences.
by devcode
CVE-2007-2083 EXPLOITDB c VERIFIED
ZoneAlarm Pro < 7.0.302.000 - Denial of Service or Arbitrary Code Execution via NtCreateKey and NtDeleteFile SSDT Hooks
vsdatant.sys in Check Point Zone Labs ZoneAlarm Pro before 7.0.302.000 does not validate certain arguments before being passed to hooked SSDT function handlers, which allows local users to cause a denial of service (system crash) or possibly execute arbitrary code via crafted arguments to the (1) NtCreateKey and (2) NtDeleteFile functions.
by Matousec Transparent security
CVE-2007-0018 EXPLOITDB c VERIFIED
Altdo Convert Mp3 Master - Memory Corruption
Stack-based buffer overflow in the NCTAudioFile2.AudioFile ActiveX control (NCTAudioFile2.dll), as used by multiple products, allows remote attackers to execute arbitrary code via a long argument to the SetFormatLikeSample function. NOTE: the products include (1) NCTsoft NCTAudioStudio, NCTAudioEditor, and NCTDialogicVoice; (2) Magic Audio Recorder, Music Editor, and Audio Converter; (3) Aurora Media Workshop; DB Audio Mixer And Editor; (4) J. Hepple Products including Fx Audio Editor and others; (5) EXPStudio Audio Editor; (6) iMesh; (7) Quikscribe; (8) RMBSoft AudioConvert and SoundEdit Pro 2.1; (9) CDBurnerXP; (10) Code-it Software Wave MP3 Editor and aBasic Editor; (11) Movavi VideoMessage, DVD to iPod, and others; (12) SoftDiv Software Dexster, iVideoMAX, and others; (13) Sienzo Digital Music Mentor (DMM); (14) MP3 Normalizer; (15) Roemer Software FREE and Easy Hi-Q Recorder, and Easy Hi-Q Converter; (16) Audio Edit Magic; (17) Joshua Video and Audio Converter; (18) Virtual CD; (19) Cheetah CD and DVD Burner; (20) Mystik Media AudioEdit Deluxe, Blaze Media, and others; (21) Power Audio Editor; (22) DanDans Digital Media Full Audio Converter, Music Editing Master, and others; (23) Xrlly Software Text to Speech Makerand Arial Sound Recorder / Audio Converter; (24) Absolute Sound Recorder, Video to Audio Converter, and MP3 Splitter; (25) Easy Ringtone Maker; (26) RecordNRip; (27) McFunSoft iPod Audio Studio, Audio Recorder for Free, and others; (28) MP3 WAV Converter; (29) BearShare 6.0.2.26789; and (30) Oracle Siebel SimBuilder and CRM 7.x.
by InTeL
CVE-2007-2062 EXPLOITDB c VERIFIED
VCDGear 3.55 and 3.56 BETA - Stack-Based Buffer Overflow via CUE File FILE Argument
Stack-based buffer overflow in VCDGear 3.55 and 3.56 BETA allows user-assisted remote attackers to execute arbitrary code via a long FILE argument in a CUE file.
by InTeL
EIP-2026-103463 EXPLOITDB c VERIFIED
Ettercap-NG 0.7.3 - Remote Denial of Service
by evilrabbi
By Source
All 3,138 Writeup 62,188 Exploitdb 50,076 Nomisec 22,383 Github 3,590 Metasploit 3,311 Vulncheck_xdb 927 Inthewild 514 Gitlab 479 Gitee 415 Patchapalooza 312
By Language
text 31,386 python 6,552 ruby 6,001 c 3,625 perl 2,849 html 2,074 php 1,333 bash 462 java 370 c++ 260 javascript 229 shell 131 go 73 postscript 25 typescript 25